Date of Award


Document Type


Degree Name

Master of Science (MS) in Computer Science


Computer Science


"Software systems are vulnerable to attack in many different ways. Systems can be poorly implemented which could allow an attacker access to the system through legitimate means such as anonymous access to a server or security controls and access lists can be configured incorrectly which would allow an attacker access to the system by exploiting a logic flaw in the systems configuration. These security vulnerabilities can be limited by implementing software systems properly or in a more restrictive manner. Sandboxing an application allows for interception of a processes system call for verification against a defined policy. A system call can be allowed or denied based on the function being called or can have parameters analyzed and verified against a defined policy. This paper presents a sandboxing framework for Microsoft Windows operating systems. The framework is written entirely in python and uses a modular design which allows for small and simple policies. Profiles can exist for processes which automatically load user policies for a sandbox process"--Document.


Typescript. Vita.